def payload_encryption_test():
password = b'testpwd'
payload = {'ccnum': '1111222233334444', 'expdate': '09/13/2018', 'cvc': '123', 'notes': 'adding user notes'}
salt = Encrypt.generate_salt()
print('ENCRYPT\TEST: salt: ', salt)
sym_key_box = Encrypt.generate_key(password, salt)
print('ENCRYPT\TEST: sym_key_box: ', sym_key_box)
sym_key = Encrypt.decrypt_key(sym_key_box, password, salt)
print('ENCRYPT\TEST: sym_key: ', sym_key)
# Payload encryption (encrypt the payload)
json_payload_string = json.dumps(payload)
print('JSON PAYLOAD:', json_payload_string)
encrypted_payload = Encrypt.encrypt_payload(sym_key, json_payload_string.encode())
print('ENCRYPT\TEST: encrypted_payload: ', encrypted_payload)
decrypted_payload = Encrypt.decrypt_payload(sym_key, encrypted_payload)
print('ENCRYPT\TEST: decrypted_payload: ', decrypted_payload)
payload_dict = json.loads(decrypted_payload)
print(payload_dict)
print(payload_dict["ccnum"])
print(payload_dict["expdate"])
print(payload_dict["cvc"])
print(payload_dict["notes"])
def register():
print('SERVER/LOG: Opening registration page')
if request.method == 'POST':
user = request.form['username']
email = request.form['email']
pwd = request.form['password']
create_date = str(timestamp)
print('SERVER/LOG: Account created by ', user, ' at ', create_date)
# TODO: Server side logic to salt and encrypt password
salt = Encrypt.generate_salt()
session_key = Encrypt.generate_session_key()
sym_key_box = Encrypt.generate_key(pwd.encode(), salt)
values = (user, email, create_date, base64.b64encode(salt),
base64.b64encode(session_key), base64.b64encode(sym_key_box))
db.insert_user(values)
return render_template('register.html')
def full_encryption_test():
user = '******'
password = b'testpwd'
ccnum = '1111222233334444'
salt = Encrypt.generate_salt()
print('ENCRYPT\TEST: salt: ', salt)
sym_key_box = Encrypt.generate_key(password, salt)
print('ENCRYPT\TEST: sym_key_box: ', sym_key_box)
sym_key = Encrypt.decrypt_key(sym_key_box, password, salt)
print('ENCRYPT\TEST: sym_key: ', sym_key)
# Payload encryption (encrypt the payload)
encrypted_payload = Encrypt.encrypt_payload(sym_key, ccnum)
print('ENCRYPT\TEST: encrypted_payload: ', encrypted_payload)
decrypted_payload = Encrypt.decrypt_payload(sym_key, encrypted_payload)
print('ENCRYPT\TEST: decrypted_payload: ', decrypted_payload)
def test_insert_full_user():
'''
Test registration logic, including encrypted storage
:param values=(user, email, createDate, salt, auth, symmetricBox):
'''
user = '******'
email = '*****@*****.**'
createDate = '12042017'
password = b'testpwd'
salt = Encrypt.generate_salt()
session_key = Encrypt.generate_session_key()
sym_key_box = Encrypt.generate_key(password, salt)
values = (user, email, createDate, str(salt), str(session_key),
str(sym_key_box))
insert_statement = (
"INSERT INTO user (user, email, createDate, salt, auth, symmetricBox)"
"VALUE (%s, %s, %s, %s, %s, %s)")
db.insert_row(insert_statement, values)\
